
Win32.Worm.Mybot.TW removal tips


Win32.Worm.Mybot.TW is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32.Worm.Mybot.TW virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32.Worm.Mybot.TW?


File Info:

name: BC1ADCC6DD7A366BEAAF.mlw
path: /opt/CAPEv2/storage/binaries/e8287f6260e39dfd2383195f38f0821b811afe689b2811f5ca9bd5256479afd6
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2006-01-20 01:18:11

Version Info:

0: [No Data]

Win32.Worm.Mybot.TW is also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Win32.Worm.Mybot.TW
FireEye: Generic.mg.bc1adcc6dd7a366b
McAfee: generic!bg.fhs
Malwarebytes: Malware.Heuristic.1003
Cybereason: malicious.6dd7a3
Cyren: W32/Heuristic-MUP!Eldorado
tehtris: Generic.Malware
APEX: Malicious
BitDefender: Win32.Worm.Mybot.TW
Sophos: Generic ML PUA (PUA)
VIPRE: Win32.Worm.Mybot.TW
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.mc
Trapmine: malicious.moderate.ml.score
Emsisoft: Win32.Worm.Mybot.TW (B)
Ikarus: Virus.Win32.Heri
GData: Win32.Worm.Mybot.TW
Jiangmin: Backdoor/SdBot.lss
Google: Detected
Antiy-AVL: Trojan[Backdoor]/Win32.SdBot
Xcitium: Malware@#1e5xq6i1pmxii
Arcabit: Win32.Worm.Mybot.TW
Microsoft: Program:Win32/Wacapew.C!ml
ALYac: Win32.Worm.Mybot.TW
MAX: malware (ai score=91)
Panda: Bck/Sdbot.GKT
Zoner: Probably Heur.ExeHeaderL
Rising: Worm.SpyBot.abg (CLASSIC)
SentinelOne: Static AI – Suspicious PE
Fortinet: Generic_bg.GPW
DeepInstinct: MALICIOUS

How to remove Win32.Worm.Mybot.TW?

Win32.Worm.Mybot.TW removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
